package com.login.sotoken.controller.user;

import cn.dev33.satoken.annotation.*;
import cn.dev33.satoken.stp.StpUtil;
import cn.dev33.satoken.stp.parameter.SaLoginParameter;
import cn.dev33.satoken.util.SaResult;
import com.login.sotoken.common.AjaxJson;
import com.login.sotoken.req.LoginListReq;
import com.login.sotoken.resp.LoginGetResp;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import jakarta.validation.Valid;
import org.springframework.beans.BeanUtils;
import org.springframework.web.bind.annotation.*;

/**
 * @Description
 * @Author xiaohuang
 * @Date 2025/8/14
 */
@SaCheckLogin
@Tag(name = "权限控制管理", description = "权限管理接口")
@RestController
@RequestMapping("/permission")
public class PermissionController {


    @Operation(summary = "新增（需要新增权限）")
    @SaCheckPermission("user-add")
    @GetMapping("add")
    public AjaxJson add() {
        return AjaxJson.getSuccess("新增成功");
    }

    @Operation(summary = "新增-列表（需要新增、列表权限，且为管理员）")
    @SaCheckPermission({"user-add", "user-list"})
    @SaCheckRole(value = {"admin", "super_admin1"}, mode = SaMode.OR)
    @GetMapping("addList")
    public AjaxJson addList() {
        return AjaxJson.getSuccess("新增-列表成功");
    }

    @Operation(summary = "完成二级认证")
    @GetMapping("openSafe")
    public AjaxJson openSafe() {
        StpUtil.openSafe(200); // 打开二级认证，有效期为200秒
        return AjaxJson.getSuccess();
    }

    @Operation(summary = "通过二级认证后才可以进入")
    @SaCheckSafe
    @PostMapping("checkSafe")
    public AjaxJson checkSafe(@RequestBody @Valid LoginListReq req) {
        if("zhang".equals(req.getUsername()) && "123456".equals(req.getPassword())) {
            // 比对成功，为当前会话打开二级认证，有效期为120秒
            StpUtil.openSafe(120);
            return AjaxJson.getSuccess("二级认证成功");
        }
        return AjaxJson.getError("二级认证失败");
    }

    @Operation(summary = "通过Basic认证后才可以进入,swagger身份认证")
    @SaCheckHttpBasic(account = "admin:admin")
    @GetMapping("checkBasic")
    public AjaxJson checkBasic() {
        return AjaxJson.getSuccess();
    }

    @Operation(summary = "只有通过HttpDigest认证后才能进入该方法,swagger身份认证")
    @SaCheckHttpDigest(value = "admin:admin1")
    @GetMapping("digest")
    public AjaxJson digest() {
        return AjaxJson.getSuccess("Digest成功");
    }



    //@SaIgnore 可表示一个接口忽略认证
    @Operation(summary = "接口忽略认证")
    @SaIgnore
    @GetMapping("ignore")
    public AjaxJson ignore() {
        return AjaxJson.getSuccess("ignore成功");
    }

    //批量认证
    //在 `@SaCheckOr` 中可以指定多个注解，只要当前会话满足其中一个注解即可通过验证，进入方法。
    @Operation(summary = "批量认证，SaCheckOr注解使用")
    @GetMapping("saCheckOr")
    @SaCheckOr(
            role = @SaCheckRole("admin"),
            permission = @SaCheckPermission("user.add"),
            safe = @SaCheckSafe("admin:admin"),
            httpBasic = @SaCheckHttpBasic(account = "admin:admin"),
            disable = @SaCheckDisable("submit-orders"))
    public AjaxJson saCheckOr() {
        return AjaxJson.getSuccess("saCheckOr成功");
    }

    //每一项属性都可以写成数组形式
    @Operation(summary = "批量认证，SaCheckOr注解使用")
    @GetMapping("saCheckOrArray")
    @SaCheckOr(login = {@SaCheckLogin(type = "login"), @SaCheckLogin(type = "user")})
    public AjaxJson saCheckOrArray() {
        return AjaxJson.getSuccess("saCheckOrArray成功");
    }

}
